Tuning cPanel TLS for SMTP incoming email reception

Newer versions of the WHM/cPanel software often have default SSL/TLS settings in the Exim-based mail server that reject connections from some Internet hosts on the standard SMTP port (port 25) with an error like:

TLS error on connection from … (SSL_accept): error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol

If this is happening, you can “dial down” the default SSL/TLS settings of cPanel’s Exim mail server: log in to your WHM site as its ‘root’ user, go to the WHM -> Service configuration -> Exim Configuration Manager page, and type “ssl” in the Find: field.
You’ll then see some items in the Security section of this configuration. Set the following:

Allow weak SSL/TLS ciphers = On

Require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the server = Off

Options for OpenSSL = +no_sslv2 +no_sslv3

Then save those updates.

This returns cPanel’s Exim mail server to older settings more compatible with much of the Internet’s email traffic.
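
To see how many sending hosts are actually hitting the error before changing these settings, the following added example (not part of the original page, nor cPanel or Exim code) tallies the TLS errors in an Exim main log by reason and client IP. The log lines are constructed samples in the format of the error quoted above, and the function names are this example's own.

```python
import re
from collections import defaultdict

# Exim main-log TLS failure: "... TLS error on connection from <peer> [<ip>] (<call>): <detail>"
TLS_ERR = re.compile(
    r"TLS error on connection from (?P<peer>[^\[]*)\[(?P<ip>[^\]]+)\](?::\d+)?"
    r" \((?P<call>[^)]+)\): (?P<detail>.*)$"
)

def parse_tls_error(line):
    """Return the peer, IP, failing call and reason for one log line, or None."""
    m = TLS_ERR.search(line.rstrip("\n"))
    if not m:
        return None
    detail = m.group("detail").strip()
    # OpenSSL errors read error:<code>:<library>:<function>:<reason>; keep the reason.
    reason = detail.rsplit(":", 1)[-1].strip() if detail.startswith("error:") else detail
    return {"peer": m.group("peer").strip() or None, "ip": m.group("ip"),
            "call": m.group("call"), "reason": reason}

def summarise(lines):
    """Group TLS failures by reason: total count plus the distinct client IPs."""
    groups = defaultdict(lambda: {"count": 0, "ips": set()})
    for line in lines:
        rec = parse_tls_error(line)
        if rec:
            groups[rec["reason"]]["count"] += 1
            groups[rec["reason"]]["ips"].add(rec["ip"])
    return {r: {"count": g["count"], "ips": sorted(g["ips"])} for r, g in groups.items()}

# Constructed sample lines (documentation addresses), not taken from a real server.
SAMPLE_LOG = """\
2015-03-01 09:14:02 TLS error on connection from mx1.example.net [192.0.2.10] (SSL_accept): error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2015-03-01 09:14:40 1YS0aB-0001Xy-7c <= sender@example.org H=mx2.example.org [198.51.100.7] P=esmtps S=2048
2015-03-01 09:20:11 TLS error on connection from mx1.example.net [192.0.2.10] (SSL_accept): error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2015-03-01 10:02:55 TLS error on connection from (legacy-gw) [2001:db8::25] (SSL_accept): error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2015-03-01 10:31:09 TLS error on connection from relay.example.com [198.51.100.44] (SSL_accept): error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
"""

if __name__ == "__main__":
    for reason, g in sorted(summarise(SAMPLE_LOG.splitlines()).items()):
        print(f"{g['count']:4d} failures, {len(g['ips'])} client IPs: {reason}")
```

On a cPanel server, pass it the lines of the Exim main log (typically /var/log/exim_mainlog) instead of SAMPLE_LOG.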


